Apr 12 2023 12:05 AM
I am currently working on Optimizing our Intune configuration for better efficiency and have encountered challenges related to conflicts between Microsoft Defender for Endpoint baselines and device configuration profiles. One such issue I've noticed involves Bitlocker, which appears to have a conflict affecting over 1,000 devices.
Our "legacy" configuration profile is assigned to these devices, while our "updated" baseline is assigned to users. I have conducted tests on several devices belonging to my team and excluded them from the "legacy" configuration profile. The transition appears to be seamless, without any negative impact on the end user experience or stored bitlocker recovery key.
I am seeking guidance on the following questions:
When it comes to Microsoft Defender for Endpoint baselines, is it more advisable to assign them to devices or users?
Would it be safe and efficient to transition all of our devices to exclusively use the Microsoft Defender for Endpoint baseline, rather than maintaining separate configuration profiles? The settings in both configurations are closely aligned.
Thank you in advance!
Apr 12 2023 02:01 AM
SolutionApr 12 2023 02:01 AM
Solution